How to Install Trellix Intelligent Sandbox

4.6/5 - (9 votes)

Hey guys today we are going to learn how to install Trellix intelligent sandbox earlier it was McAfee threat defence ATD, but you know the brand is renamed with Trellix.

I have already tested it in my lab and a lot of improvements and a lot of new features is added to Trellix intelligent sandbox.

Trellix Intelligent Sandbox

What is Sandbox?

A sandbox is an isolated environment similar to your main machine to perform an analysis and testing in a sandbox machine without losing your data.

Now the current scenario attacker and hackers are targeting the very smartly victim

they are changing the known application code or injecting some malicious code into that application which is Highly popular in the market and you are going to download and install it on your machine the higher chances of your system data being compromised.

In that case, you can use windows sandbox for the sandbox solution before executing any file in your main system you have to execute the same file in the sandbox and check if all are working fine with no issues then you have to execute the same file in your main machine.

If you never worked on sandbox I highly recommend you go with Microsoft windows sandbox which is available on Windows 10 and Windows 11 I have already created the article for that and explain step by step

Microsoft windows Sandbox

Basic sandbox feature which is provided by Microsoft | I have created a separate article on How to Install Windows Sandbox.

  • Sandbox is not storing any data.
  • Not connected to your main machine physically and virtually.
  • Create a separate tunnel from the sandbox to the internet.
  • After reboot sandbox is wipe out the running data and storage data.
  • Very less than the resource required.
  • Easy to operate sandbox.

Trellix Intelligent sandbox

Now we are going to talk about Trellix Intelligence Sandbox so basically earlier the name is McAfee advanced threat defence called ATD,

Trellix provides 2 types of appliances physical and virtual according to your requirement you can .implement.

Is clicks intelligent sandbox is supporting the type of analysis static analysis and dynamic analysis.

Static Analysis vs Dynamic Analysis.

If you submit the file for static analysis just check the file information binary code, file hash, certificate details, etc, in the GTI and GAM engine and provide you with the information.

If you go for the dynamic analysis the file will execute and the VM machine which is hosted in your sandbox appliance and execute that file under the VM and check the multiple parameters.

accordingly provides you with the report and shares the file information with other security products.


Trellix Intelligent sandbox Installation

First, log in to the Trellix Download centre through your grand number and follow the step.

Make Sure to Check this box: – Show only the latest version

  • Go to Management Solutions
  • Click on Virtual Advanced Threat Defense Software
  • Check this box INSTALLATION / EXTENSION
  • Download this 3-item ATDDXLTag / ATDThreatEvents / vATD-MIO-5_0_0_11-5-5e352af9.ova Version 5.0
trellix-intelligent-sandbox-OVA-file-Size

trellix intelligent sandbox OVA file Size

Once you download the file just right-click and open it with VMware Workstation.

trellix-intelligent-sandbox-OVA-file-mount-in-VMware

Trellix intelligent sandbox OVA file mount in VMware

Just type the virtual machine name as per your convenience and choose the location where you are going to store my scenario I create the dedicated folder for the virtual machine if you do the same or you can also keep it as a default.

trellix-intelligent-sandbox-Importing-to-VMware

Trellix intelligent sandbox Importing to VMware

trellix-intelligent-sandbox-ova-IMPORTING

Trellix-intelligent-sandbox-ova-IMPORTING


Import the ova file in your VMware Workstation this is the hardware default configuration

 trellix-intelligent-sandbox-Profile-is-Created-on-on-VMware

Trellix intelligent sandbox Profile is Created on VMware.

Now here I have changed my hardware configuration according to my sizing because I am using the lab for testing purposes that’s why I changed it but if you are doing it on the production side don’t change it

 trellix-intelligent-sandbox-Chnage-the-Hardware

Just click power on the ATD installation process will start in VMware Workstation so this process happens automatically no need to do anything once the installation is complete it will show you the login window.

trellix-intelligent-sandbox-installation-on-VMware

McAfee advanced threat defence ATD is ready for configuration, just you have to use the default login credentials


  • Username :cliadmin
  • Password: atdadmin
trellix-intelligent sandbox login Page

The first time you are login with the same user account you have to change the password and keep it at your convenience must be a strong password.

 cli-user-name-change-in-trellix-intelligent-sandbox

cliadmin user name-change-in-Trellix-intelligent-sandbox

 trellix-intelligent-sandbox-IP-Address-Configuration

Trellix-intelligent-sandbox-IP-Address-Configuration


set appliance name

Example :- set appliance IP 192.168.0.105 255.255.255.0

set appliance ip
Configure-hostname-trellix-intelligent-sandbox

Configure-hostname-trellix-intelligent-sandbox

set appliance gateway

Type the show command and check whether your configuration is saved or not

show
 trellix-intelligent-sandbox-IP-address-Configuration-in-VMware

Trellix intelligent sandbox IP address Configuration in VMware

set appliance dns 1.1.1.2 10.11.10.4

Resetusertimeout {user account name} this is a very important command when you log in to the browser and sometimes you directly close the browser error shows the account is already login in this case this command will help you to reset your account session.

resetusertimeout

 trellix-intelligent-sandbox-Console-login

trellix intelligent sandbox Console login

 trellix-intelligent-sandbox-Console-user-id-Password-Change

Trellix intelligent sandbox Console user id Password Change

trellix-intelligent-sandbox-Console

Trellix intelligent sandbox console

How to Create VM Image check out this post VM Image Creation


What Is Sandbox?
ATD System Requirement
ATD Architecture
Resource Download
Installation step by step
Console overview
ATD Configuration
TIE/DXL/ MAR intregation
ATD installation on Hyper-v
Create VM Image for ATD
VM image Activation
Sample testing on Sandbox
Android Image APK sample Testing
ATD Upgrade 4.X
Windows 11 Sandbox

Leave a Reply